Description
In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies()

Fix a chunk map leak in btrfs_map_block(): if we return early with -EINVAL,
we're not freeing the chunk map that we've just looked up.
Published: 2026-05-08
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the Linux kernel’s btrfs filesystem driver causes a memory leak: when btrfs_map_block() exits early with the error code -EINVAL, the chunk map it just retrieved is not released. The leak accumulates kernel memory over time, which can eventually exhaust available memory and result in a denial‑of‑service condition for the entire system. The weakness identified is a failure to free a resource (CWE‑772).
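The leak pattern described above, reduced to a userspace C model as an added example (not the kernel's code or the upstream patch). All names (chunk_map, map_get, map_put, map_block_leaky, map_block_fixed, leaked_refs) are hypothetical, and the mirror-number comparison is an assumed stand-in for the check that returns -EINVAL.

```c
/* Userspace model of the leak; every name here is hypothetical, not btrfs code. */
#include <errno.h>
#include <stdio.h>

struct chunk_map { int refs; int num_copies; };
static struct chunk_map demo_map = { 1, 2 };   /* constructed sample object */

/* A lookup hands back a reference that the caller must drop. */
static struct chunk_map *map_get(void) { demo_map.refs++; return &demo_map; }
static void map_put(struct chunk_map *m) { m->refs--; }

/* Before: the early -EINVAL return skips map_put(), leaking one reference. */
int map_block_leaky(int mirror_num)
{
    struct chunk_map *map = map_get();

    if (mirror_num > map->num_copies)   /* assumed stand-in for the failing check */
        return -EINVAL;
    map_put(map);
    return 0;
}

/* After: every exit path, including the error path, reaches the cleanup label. */
int map_block_fixed(int mirror_num)
{
    struct chunk_map *map = map_get();
    int ret = 0;

    if (mirror_num > map->num_copies) {
        ret = -EINVAL;
        goto out;
    }
    /* the real mapping work would happen here */
out:
    map_put(map);
    return ret;
}

/* Count references still outstanding after n calls that hit the error path. */
int leaked_refs(int (*fn)(int), int n)
{
    int before = demo_map.refs;

    for (int i = 0; i < n; i++)
        fn(99);                         /* 99 > num_copies, so fn returns -EINVAL */
    return demo_map.refs - before;
}

int main(void)
{
    printf("leaky: %d outstanding\n", leaked_refs(map_block_leaky, 1000));
    printf("fixed: %d outstanding\n", leaked_refs(map_block_fixed, 1000));
    return 0;
}
```

Each outstanding reference in the model corresponds to a chunk map that can never be freed, which is why repeated failures grow kernel memory use.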

Affected Systems

Any Linux kernel running the unpatched btrfs filesystem code is affected. The advisory lists no particular version numbers; the fix resides in the commit that replaces the buggy logic. Distributions or custom builds that have not incorporated that commit remain vulnerable until they upgrade to a kernel including the patch.

Risk and Exploitability

The flaw is local to the kernel: an attacker would need to repeatedly trigger the failing path of btrfs_map_block(), such as by mounting or accessing Btrfs volumes. The CVSS score of 5.5 indicates medium severity. The EPSS score is not available, and the vulnerability is not in the CISA KEV catalog. The attack vector is inferred to be local code execution that can invoke the vulnerable filesystem operation. No public exploits are known, but sustained use of the flaw could lead to resource exhaustion and service disruption.

Generated by OpenCVE AI on May 9, 2026 at 06:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply an updated Linux kernel that contains the btrfs_map_block() leak fix (e.g., the commit identified in the advisory).
  • Restrict privileged or potentially untrusted processes from performing Btrfs operations that could exercise the leaking code path.
  • Monitor system memory consumption and Btrfs‑related errors, and consider temporarily migrating critical workloads to a different filesystem if resource exhaustion becomes apparent.


Advisories

No advisories yet.

History

Sat, 09 May 2026 03:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Sat, 09 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Fri, 08 May 2026 17:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Fri, 08 May 2026 14:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies() Fix a chunk map leak in btrfs_map_block(): if we return early with -EINVAL, we're not freeing the chunk map that we've just looked up.
Title btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-08T14:21:37.368Z

Reserved: 2026-05-01T14:12:56.007Z

Link: CVE-2026-43393

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-08T15:16:50.693

Modified: 2026-05-08T15:16:50.693

Link: CVE-2026-43393

Redhat

Severity: Low

Public Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43393 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-09T06:45:27Z

Weaknesses